Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
-
submitted
25/08/2024, 09:40 UTC
General
-
Target
c075fcfeecc016a58ca8dd8271b634dd_JaffaCakes118.pdf
-
Size
42KB
-
MD5
c075fcfeecc016a58ca8dd8271b634dd
-
SHA1
2addef27614dec4e47d07966a10156e3d8fd62c8
-
SHA256
d9a9212e32e3bceb2741d7aa3c9624e95e21a384e6c4da4c9212b4a59fbc4f31
-
SHA512
4f61a640c6d3a08449d478d07f48c5a9206e08021ad5a25cf102bf46e3b0d0f5ebec509a6639f6064bd8b8c8241280a0fa95d7b3752a4c021b14827089f061f5
-
SSDEEP
768:nQgGzpDxaDILn1yuANYKnFAkYgfeN3pPCQHbpM2jsSDaZ1xbzSgH82BVI:9GFtQGN5aQHNM2js2aHxbegPBVI
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c075fcfeecc016a58ca8dd8271b634dd_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5609774feda3e0a6b9ebada642d048ea4
SHA1c4688d6972246fa5d0d160f630bd34aaa62871c9
SHA256441eb1805693f47e9685411cf879007afa78a4132e297e0d3c2394571fa3da02
SHA512649c3c94aee51ba5ff6ef22d35c2e45b3f77b37bbed5fe9880b95259dc8a7a4647fba17db2b3c4c557ea6f38fe5da461f7162978350977869034381b366b856e